A malware agent running on an affected computer system may attempt to communicate to its command and control (C2) server to receive instructions and upload the data collected on the affected computer system and the affected network. Various methods may be employed for detecting and preventing malware activity.